Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/bcS-hsDeO0gtgs28TEiHyvA81q0.roa
File: bcS-hsDeO0gtgs28TEiHyvA81q0.roa (raw, json)
Hash identifier: CeE5W6otaxPvfHxN+lyC5C8i9p819egn6IV1iHF00Ew=
Subject key identifier: 6D:C4:BE:86:C0:DE:3B:48:2D:82:CD:BC:4C:48:87:CA:F0:3C:D6:AD
Certificate issuer: /CN=dc66d8b9d38d5bb19cfa0c4644b45293d1e8b6fa
Certificate serial: 0194252147DB43150111C39F9FC1CC8BCEA9
Authority key identifier: DC:66:D8:B9:D3:8D:5B:B1:9C:FA:0C:46:44:B4:52:93:D1:E8:B6:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3GbYudONW7Gc-gxGRLRSk9Hotvo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/bcS-hsDeO0gtgs28TEiHyvA81q0.roa
Signing time: Thu 02 Jan 2025 03:48:45 +0000
ROA not before: Thu 02 Jan 2025 03:48:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50585
IP address blocks: 194.110.142.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:25:21:47:db:43:15:01:11:c3:9f:9f:c1:cc:8b:ce:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc66d8b9d38d5bb19cfa0c4644b45293d1e8b6fa
Validity
Not Before: Jan 2 03:48:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6dc4be86c0de3b482d82cdbc4c4887caf03cd6ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:5a:1f:43:a7:af:42:b7:d7:36:96:94:74:57:
3d:18:39:7a:6a:66:5f:cc:00:50:8b:43:2f:23:44:
f2:4d:d1:54:46:55:39:8c:dc:e3:35:2e:92:95:ea:
67:09:40:f1:04:4a:78:44:32:82:07:ce:49:c4:41:
56:d8:7c:db:3b:c6:39:bb:09:53:69:ca:eb:fc:10:
01:7d:7d:91:9e:50:08:f0:84:34:6c:74:12:55:e9:
51:09:b7:de:00:1c:7f:c5:81:a7:b3:a1:d5:8f:6e:
73:3c:0b:3e:49:6a:7a:6d:ed:42:c0:be:b4:be:38:
c1:aa:3b:48:c0:b6:d5:bb:43:68:39:f4:de:cc:2c:
8f:e6:09:d3:96:55:c6:19:e7:76:a2:ff:b5:ec:8b:
d6:0c:83:7a:00:e8:26:31:64:5b:7f:f9:0a:55:fe:
3d:66:6e:0c:6a:b4:a0:eb:ab:55:98:fd:66:e1:f5:
64:d5:ab:9b:76:89:b0:de:23:e1:2e:e3:27:d2:4f:
0b:52:4b:4f:d0:16:11:72:77:58:ad:dd:11:04:b8:
bb:aa:b4:df:bf:0d:4b:61:b0:94:4d:da:ee:9c:98:
53:0b:ad:02:46:fb:96:b8:1b:2b:7d:f8:89:0e:9e:
68:d2:62:fa:c7:eb:67:a5:c8:80:c4:86:a9:d9:a4:
a2:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C4:BE:86:C0:DE:3B:48:2D:82:CD:BC:4C:48:87:CA:F0:3C:D6:AD
X509v3 Authority Key Identifier:
keyid:DC:66:D8:B9:D3:8D:5B:B1:9C:FA:0C:46:44:B4:52:93:D1:E8:B6:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3GbYudONW7Gc-gxGRLRSk9Hotvo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/bcS-hsDeO0gtgs28TEiHyvA81q0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/14f684-0453-4625-966e-4771d1a4ddf0/1/3GbYudONW7Gc-gxGRLRSk9Hotvo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.110.142.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:29:af:47:6c:1d:4b:09:c5:4c:4a:c9:3b:12:87:0f:4e:43:
7c:d4:35:81:61:ca:3c:8d:d0:87:e0:99:42:3d:cb:dd:ab:3f:
f3:84:b9:4b:24:df:63:c3:b6:4a:82:06:50:92:40:2d:74:57:
ca:86:b3:fd:f3:62:20:4d:4d:43:21:d3:73:e3:32:09:20:e6:
6b:87:cb:07:28:e2:ad:d4:d8:25:37:27:f2:4e:75:6a:ad:3e:
39:cb:30:ea:52:a7:e5:9b:f5:62:f2:26:ad:4b:6c:85:16:ed:
ea:97:7a:00:e2:8b:5f:a9:2d:46:82:7b:1e:8d:c3:af:22:c0:
58:cb:17:d9:98:da:dc:62:fb:cf:d3:5f:28:d6:99:b8:5d:3f:
d8:8e:07:03:ba:ef:3b:49:92:72:01:4f:da:93:eb:c8:7b:3d:
9e:77:3e:62:2c:50:3d:06:d1:6b:d0:85:af:43:ea:9c:c6:3d:
59:bf:49:5b:f4:a7:ae:d2:6f:48:9b:1f:aa:3a:af:24:b9:42:
57:bd:23:06:f8:04:6e:b8:4e:43:d4:f9:d5:7e:49:38:2f:72:
a2:a6:ab:43:f3:4e:77:f0:e0:87:81:67:71:b9:c7:e3:09:44:
5a:19:27:07:f1:b2:f0:3c:1d:e7:32:11:6d:ca:8c:58:bb:63:
76:5b:bb:99
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQlIUfbQxUBEcOfn8HMi86pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNjZkOGI5ZDM4ZDViYjE5Y2ZhMGM0NjQ0YjQ1MjkzZDFl
OGI2ZmEwHhcNMjUwMTAyMDM0ODQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZGM0YmU4NmMwZGUzYjQ4MmQ4MmNkYmM0YzQ4ODdjYWYwM2NkNmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlVofQ6evQrfXNpaUdFc9GDl6amZf
zABQi0MvI0TyTdFURlU5jNzjNS6SlepnCUDxBEp4RDKCB85JxEFW2HzbO8Y5uwlT
acrr/BABfX2RnlAI8IQ0bHQSVelRCbfeABx/xYGns6HVj25zPAs+SWp6be1CwL60
vjjBqjtIwLbVu0NoOfTezCyP5gnTllXGGed2ov+17IvWDIN6AOgmMWRbf/kKVf49
Zm4MarSg66tVmP1m4fVk1aubdomw3iPhLuMn0k8LUktP0BYRcndYrd0RBLi7qrTf
vw1LYbCUTdrunJhTC60CRvuWuBsrffiJDp5o0mL6x+tnpciAxIap2aSieQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFG3EvobA3jtILYLNvExIh8rwPNatMB8GA1UdIwQY
MBaAFNxm2LnTjVuxnPoMRkS0UpPR6Lb6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0diWXVkT05XN0djLWd4R1JMUlNrOUhvdHZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8xNGY2ODQtMDQ1My00NjI1LTk2NmUt
NDc3MWQxYTRkZGYwLzEvYmNTLWhzRGVPMGd0Z3MyOFRFaUh5dkE4MXEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8xNGY2ODQtMDQ1My00NjI1LTk2NmUtNDc3MWQxYTRkZGYw
LzEvM0diWXVkT05XN0djLWd4R1JMUlNrOUhvdHZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwm6OMA0G
CSqGSIb3DQEBCwUAA4IBAQAbKa9HbB1LCcVMSsk7EocPTkN81DWBYco8jdCH4JlC
Pcvdqz/zhLlLJN9jw7ZKggZQkkAtdFfKhrP982IgTU1DIdNz4zIJIOZrh8sHKOKt
1NglNyfyTnVqrT45yzDqUqflm/Vi8iatS2yFFu3ql3oA4otfqS1GgnsejcOvIsBY
yxfZmNrcYvvP018o1pm4XT/YjgcDuu87SZJyAU/ak+vIez2edz5iLFA9BtFr0IWv
Q+qcxj1Zv0lb9Keu0m9Imx+qOq8kuUJXvSMG+ARuuE5D1PnVfkk4L3KipqtD8053
8OCHgWdxucfjCURaGScH8bLwPB3nMhFtyoxYu2N2W7uZ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:45:03 2025 by rpki-client